From 7bbe700f3f170cc4527131165a9b9ab1f99e5cd1 Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 16 Oct 2014 16:19:19 -0700 Subject: mark signature forgeries --- include/ItemObject.php | 4 +++- include/conversation.php | 6 +++++- 2 files changed, 8 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/ItemObject.php b/include/ItemObject.php index 7c75e35bd..90c036def 100644 --- a/include/ItemObject.php +++ b/include/ItemObject.php @@ -191,7 +191,8 @@ class Item extends BaseObject { } - $verified = (($item['item_flags'] & ITEM_VERIFIED) ? t('Message is verified') : ''); + $verified = (($item['item_flags'] & ITEM_VERIFIED) ? t('Message signature validated') : ''); + $forged = ((($item['sig']) && (! ($item['item_flags'] & ITEM_VERIFIED))) ? t('Message signature incorrect') : ''); $unverified = '' ; // (($this->is_wall_to_wall() && (! ($item['item_flags'] & ITEM_VERIFIED))) ? t('Message cannot be verified') : ''); @@ -269,6 +270,7 @@ class Item extends BaseObject { 'lock' => $lock, 'verified' => $verified, 'unverified' => $unverified, + 'forged' => $forged, 'location' => $location, 'indent' => $indent, 'owner_url' => $this->get_owner_url(), diff --git a/include/conversation.php b/include/conversation.php index 92ba18d13..b22b570a1 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -649,7 +649,10 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ $likebuttons = false; $shareable = false; - $verified = (($item['item_flags'] & ITEM_VERIFIED) ? t('Message is verified') : ''); + $verified = (($item['item_flags'] & ITEM_VERIFIED) ? t('Message signature validated') : ''); + $forged = ((($item['sig']) && (! ($item['item_flags'] & ITEM_VERIFIED))) ? t('Message signature incorrect') : ''); + + $unverified = ''; @@ -682,6 +685,7 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ 'mentions' => $mentions, 'verified' => $verified, 'unverified' => $unverified, + 'forged' => $forged, 'txt_cats' => t('Categories:'), 'txt_folders' => t('Filed under:'), 'has_cats' => ((count($categories)) ? 'true' : ''), -- cgit v1.2.3 From e8be2ff8daff6c0acae69dff5138d1edc6ef87bb Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 19 Oct 2014 15:54:20 -0700 Subject: wall-e random signature failures --- include/html2bbcode.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/html2bbcode.php b/include/html2bbcode.php index df430e6c7..6d6e6333b 100644 --- a/include/html2bbcode.php +++ b/include/html2bbcode.php @@ -283,8 +283,9 @@ function html2bbcode($message) array('[b]', '[/b]', '[i]', '[/i]'), $message); // Handling Yahoo style of mails - $message = str_replace('[hr][b]From:[/b]', '[quote][b]From:[/b]', $message); + // $message = str_replace('[hr][b]From:[/b]', '[quote][b]From:[/b]', $message); + $message = htmlspecialchars($message,ENT_COMPAT,'UTF-8',false); return(trim($message)); } -- cgit v1.2.3 From bae3029c639bf6f9469dd93bfedc3dce0d8510d7 Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 19 Oct 2014 16:12:05 -0700 Subject: merge madness --- include/datetime.php | 181 ++++++++++++++++++++------------------------------- include/nav.php | 2 +- 2 files changed, 73 insertions(+), 110 deletions(-) (limited to 'include') diff --git a/include/datetime.php b/include/datetime.php index 84ab1e2fa..fe0f29c7a 100644 --- a/include/datetime.php +++ b/include/datetime.php @@ -130,135 +130,98 @@ function datetime_convert($from = 'UTC', $to = 'UTC', $s = 'now', $fmt = "Y-m-d function dob($dob) { list($year,$month,$day) = sscanf($dob,'%4d-%2d-%2d'); - $y = datetime_convert('UTC',date_default_timezone_get(),'now','Y'); $f = get_config('system','birthday_input_format'); if(! $f) $f = 'ymd'; - $o = datesel($f,'',1920,$y,true,$year,$month,$day); - return $o; -} - -function datesel_format($f) { - - $o = ''; + $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),mktime(0,0,0,$month,$day,$year),'dob'); - if(strlen($f)) { - for($x = 0; $x < strlen($f); $x ++) { - switch($f[$x]) { - case 'y': - if(strlen($o)) - $o .= '-'; - $o .= t('year'); - break; - case 'm': - if(strlen($o)) - $o .= '-'; - $o .= t('month'); - break; - case 'd': - if(strlen($o)) - $o .= '-'; - $o .= t('day'); - break; - default: - break; - } - } - } return $o; } -// returns a date selector. -// $f = format string, e.g. 'ymd' or 'mdy' -// $pre = prefix (if needed) for HTML name and class fields -// $ymin = first year shown in selector dropdown -// $ymax = last year shown in selector dropdown -// $allow_blank = allow an empty response on any field -// $y = already selected year -// $m = already selected month -// $d = already selected day - +/** + * returns a date selector + * @param $format + * format string, e.g. 'ymd' or 'mdy'. Not currently supported + * @param $min + * unix timestamp of minimum date + * @param $max + * unix timestap of maximum date + * @param $default + * unix timestamp of default date + * @param $id + * id and name of datetimepicker (defaults to "datetimepicker") + */ +function datesel($format, $min, $max, $default,$id = 'datepicker') { + return datetimesel($format,$min,$max,$default,$id,true,false); +} -function datesel($f,$pre,$ymin,$ymax,$allow_blank,$y,$m,$d) { +/** + * returns a date selector + * @param $format + * format string, e.g. 'ymd' or 'mdy'. Not currently supported + * @param $h + * already selected hour + * @param $m + * already selected minute + * @param $id + * id and name of datetimepicker (defaults to "timepicker") + */ +function timesel($format,$h,$m,$id='timepicker') { + return datetimesel($format,mktime(),mktime(),mktime($h,$m),$id,false,true); +} +/** + * returns a datetime selector + * @param $format + * format string, e.g. 'ymd' or 'mdy'. Not currently supported + * @param $min + * unix timestamp of minimum date + * @param $max + * unix timestap of maximum date + * @param $default + * unix timestamp of default date + * @param $id + * id and name of datetimepicker (defaults to "datetimepicker") + * @param $pickdate + * true to show date picker (default) + * @param $picktime + * true to show time picker (default) + * @param $minfrom + * set minimum date from picker with id $minfrom (none by default) + * @param $maxfrom + * set maximum date from picker with id $maxfrom (none by default) + */ +function datetimesel($format, $min, $max, $default, $id = 'datetimepicker', $pickdate = true, $picktime = true, $minfrom = '', $maxfrom = '') { $o = ''; - if(strlen($f)) { - for($z = 0; $z < strlen($f); $z ++) { - if($f[$z] === 'y') { - - $o .= " "; - return $o; -} + $mindate = $min ? "new Date($min*1000)" : ''; + $maxdate = $max ? "new Date($max*1000)" : ''; + + $defaultDate = $default ? ", defaultDate: new Date($default*1000)" : ''; + $pickers = ''; + if(!$pickdate) $pickers .= 'pickDate: false,'; + if(!$picktime) $pickers .= 'pickTime: false,'; -function timesel($pre,$h,$m) { + $extra_js = ''; + if($minfrom != '') + $extra_js .= "\$('#$minfrom').on('dp.change',function (e) { \$('#$id').data('DateTimePicker').setMinDate(e.date); });"; - $o = ''; - $o .= " : "; + $o .= "
"; + $o .= ""; return $o; } - - - - - - - // implements "3 seconds ago" etc. // based on $posted_date, (UTC). // Results relative to current timezone @@ -516,4 +479,4 @@ function update_birthdays() { } } } -} \ No newline at end of file +} diff --git a/include/nav.php b/include/nav.php index ba817648b..f1f89db20 100644 --- a/include/nav.php +++ b/include/nav.php @@ -142,7 +142,7 @@ EOT; sprintf( t('%s - click to logout'), $observer['xchan_addr'])); } else { - $nav['loginmenu'][] = Array('rmagic',t('Remote login'),'',t('Click to authenticate to your home hub')); + $nav['loginmenu'][] = Array('rmagic',t('Remote authentication'),'',t('Click to authenticate to your home hub')); } /** -- cgit v1.2.3 From fd492386bf13152750c4db7306950d52b1105af1 Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 19 Oct 2014 17:31:10 -0700 Subject: Tried this once before but had to revert. Basically prevent a comment from being relayed more than once - as it's a huge drain on resources. But last time I tried this, wall-to-wall comments stopped getting relayed. This checkin should do the right thing in both conditions. --- include/zot.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index 869bca668..e96eae10d 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1476,11 +1476,13 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false) { continue; } - $r = q("select id, edited from item where mid = '%s' and uid = %d limit 1", + $r = q("select id, edited, item_flags, mid, parent_mid from item where mid = '%s' and uid = %d limit 1", dbesc($arr['mid']), intval($channel['channel_id']) ); if($r) { + // We already have this post. + // Maybe it has been edited? $item_id = $r[0]['id']; if($arr['edited'] > $r[0]['edited']) { $arr['id'] = $r[0]['id']; @@ -1492,6 +1494,10 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false) { } else { $result[] = array($d['hash'],'update ignored',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']); + // We need this line to ensure wall-to-wall comments are relayed (by falling through to the relay bit), + // and at the same time not relay any other relayable posts more than once, because to do so is very wasteful. + if(! ($r[0]['item_flags'] & ITEM_ORIGIN)) + continue; } } else { -- cgit v1.2.3 From 8227be0ab0018866cb3a1a5d597b8712ba547d7f Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 19 Oct 2014 19:20:25 -0700 Subject: show true author of wall-to-wall comments to Diaspora viewers just like we did for wall-to-wall posts. --- include/bb2diaspora.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'include') diff --git a/include/bb2diaspora.php b/include/bb2diaspora.php index 76708143b..9a87de5b2 100644 --- a/include/bb2diaspora.php +++ b/include/bb2diaspora.php @@ -286,6 +286,19 @@ function bb2diaspora_itemwallwall(&$item) { . '[url=' . $item['author']['xchan_url'] . ']' . $item['author']['xchan_name'] . '[/url]' . "\n\n" . $item['body']; } + + // We have to do something similar for wall-to-wall comments. ITEM_WALL|ITEM_ORIGIN indicates that it was posted on this site. + // Regular matrix comments may have one of these bits set, but not both. + + if(($item['mid'] != $item['parent_mid']) && ($item['author_xchan'] != $item['owner_xchan']) && ($item['item_flags'] & (ITEM_WALL|ITEM_ORIGIN)) && (is_array($item['author'])) && $item['author']['xchan_url'] && $item['author']['xchan_name'] && $item['author']['xchan_photo_m']) { + logger('bb2diaspora_itemwallwall: wall to wall comment',LOGGER_DEBUG); + // post will come across with the owner's identity. Throw a preamble onto the post to indicate the true author. + $item['body'] = "\n\n" + . '[img]' . $item['author']['xchan_photo_m'] . '[/img]' + . '[url=' . $item['author']['xchan_url'] . ']' . $item['author']['xchan_name'] . '[/url]' . "\n\n" + . $item['body']; + } + // $item['author'] might cause a surprise further down the line if it wasn't expected to be here. if(! $author_exists) -- cgit v1.2.3 From c909b8be060cb04479eba79232030e3da25410c6 Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 19 Oct 2014 21:41:38 -0700 Subject: don't auto-archive connections we can't poll. --- include/poller.php | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'include') diff --git a/include/poller.php b/include/poller.php index 2febaeb32..61298b0ab 100644 --- a/include/poller.php +++ b/include/poller.php @@ -254,7 +254,7 @@ function poller_run($argv, $argc){ ); - $contacts = q("SELECT abook_id, abook_flags, abook_updated, abook_connected, abook_closeness, abook_channel + $contacts = q("SELECT abook_id, abook_flags, abook_updated, abook_connected, abook_closeness, abook_xchan, abook_channel FROM abook LEFT JOIN account on abook_account = account_id where 1 $sql_extra AND (( abook_flags & %d ) OR ( abook_flags = %d )) @@ -310,12 +310,17 @@ function poller_run($argv, $argc){ // He's dead, Jim if(strcmp(datetime_convert('UTC','UTC', 'now'),datetime_convert('UTC','UTC', $c . " + 30 day")) > 0) { - $r = q("update abook set abook_flags = (abook_flags | %d) where abook_id = %d limit 1", - intval(ABOOK_FLAG_ARCHIVED), - intval($contact['abook_id']) + $n = q("select xchan_network from xchan where xchan_hash = '%s' limit 1", + dbesc($contact['abook_xchan']) ); - $update = false; - continue; + if($n && $n[0]['xchan_network'] == 'zot') { + $r = q("update abook set abook_flags = (abook_flags | %d) where abook_id = %d limit 1", + intval(ABOOK_FLAG_ARCHIVED), + intval($contact['abook_id']) + ); + $update = false; + continue; + } } if($contact['abook_flags'] & ABOOK_FLAG_ARCHIVED) { -- cgit v1.2.3